Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-10 | CVE-2023-38830 | Exposure of Resource to Wrong Sphere vulnerability in PHPjabbers Yacht Listing Script 1.0 An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. | 7.5 |
| 2023-08-08 | CVE-2023-39214 | Exposure of Resource to Wrong Sphere vulnerability in Zoom Meeting Software Development Kit, Rooms and Zoom Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | 8.1 |
| 2023-08-03 | CVE-2023-38955 | Exposure of Resource to Wrong Sphere vulnerability in Zkteco Bioaccess IVS 3.3.1 ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | 7.5 |
| 2023-08-03 | CVE-2023-33368 | Exposure of Resource to Wrong Sphere vulnerability in Assaabloy Control ID Idsecure Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes. | 6.5 |
| 2023-07-28 | CVE-2023-3670 | Exposure of Resource to Wrong Sphere vulnerability in Codesys Development System and Scripting In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. | 7.3 |
| 2023-07-26 | CVE-2023-39155 | Exposure of Resource to Wrong Sphere vulnerability in Jenkins Chef Identity Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | 5.3 |
| 2023-07-26 | CVE-2023-1401 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab 3.1.0/4.0.0 An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization. | 4.3 |
| 2023-07-25 | CVE-2022-46901 | Exposure of Resource to Wrong Sphere vulnerability in Vocera Report Server and Voice Server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. | 7.5 |
| 2023-07-25 | CVE-2023-34189 | Exposure of Resource to Wrong Sphere vulnerability in Apache Inlong Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. | 6.5 |
| 2023-07-20 | CVE-2023-37645 | Exposure of Resource to Wrong Sphere vulnerability in Eyoucms 1.6.3 eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt. | 5.3 |